ID CVE-2013-4006
Summary IBM WebSphere Application Server (WAS) Liberty Profile 8.5 before 8.5.5.1 uses weak permissions for unspecified files, which allows local users to obtain sensitive information via standard filesystem operations.
References
Vulnerable Configurations
  • IBM WebSphere Application Server 8.5.0.1 (Fix Pack 1) Liberty Profile
    cpe:2.3:a:ibm:websphere_application_server:8.5.0.1:-:liberty_profile
  • IBM WebSphere Application Server 8.5.0.0 Liberty Profile
    cpe:2.3:a:ibm:websphere_application_server:8.5.0.0:-:liberty_profile
  • IBM WebSphere Application Server 8.5.0.2 Liberty Profile
    cpe:2.3:a:ibm:websphere_application_server:8.5.0.2:-:liberty_profile
  • IBM WebSphere Application Server 8.5.5.0 Liberty Profile
    cpe:2.3:a:ibm:websphere_application_server:8.5.5.0:-:liberty_profile
CVSS
Base: 4.3 (as of 18-11-2013 - 14:14)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
nessus via4
NASL family Web Servers
NASL id WEBSPHERE_8_5_5_1.NASL
description IBM WebSphere Application Server 8.5 before Fix Pack 8.5.5.1 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities : - A flaw exists related to Apache Ant and file compression that could lead to denial of service conditions. (CVE-2012-2098 / PM90088) - Unspecified errors exist related to the administration console that could allow cross-site scripting attacks. (CVE-2013-0460 / PM72275, CVE-2013-5418 / PM96477, CVE-2013-5425 / PM93828) - Multiple errors exist related to the IBM Eclipse Help System that could allow cross-site scripting attacks and information disclosure attacks. (CVE-2013-0464, CVE-2013-0467, CVE-2013-0599 / PM89893) - An input validation flaw exists in the optional 'mod_rewrite' module in the included IBM HTTP Server that could allow arbitrary command execution via HTTP requests containing certain escape sequences. (CVE-2013-1862 / PM87808) - A flaw exists related to the optional 'mod_dav' module in the included IBM HTTP Server that could allow denial of service conditions. (CVE-2013-1896 / PM89996) - A user-supplied input validation error exists that could allow cross-site request forgery (CSRF) attacks to be carried out. (CVE-2013-3029 / PM88746) - User-supplied input validation errors exist related to the administrative console that could allow cross-site scripting attacks. (CVE-2013-4004 / PM81571, CVE-2013-4005 / PM88208) - An unspecified permissions error exists that could allow a local attacker to obtain sensitive information. Note this issue only affects the 'Liberty Profile'. (CVE-2013-4006 / PM90472) - An input validation error exists related to the UDDI Administrative console that could allow cross-site scripting attacks. (CVE-2013-4052 / PM91892) - An attacker may gain elevated privileges because of improper certificate checks. WS-Security and XML Digital Signatures must be enabled. (CVE-2013-4053 / PM90949) - An error exists related to incorrect Administration Security roles and migrations from version 6.1. (CVE-2013-5414 / PM92313) - Unspecified input validation errors exist that could allow cross-site scripting attacks. (CVE-2013-5417 / PM93323 and PM93944)
last seen 2019-01-16
modified 2018-08-06
plugin id 71229
published 2013-12-05
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=71229
title IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.1 Multiple Vulnerabilities
refmap via4
aixapar PM90472
confirm http://www-01.ibm.com/support/docview.wss?&uid=swg21651880
xf was-cve20134006-liberty-perm(85273)
Last major update 19-11-2013 - 14:10
Published 18-11-2013 - 00:23
Last modified 28-08-2017 - 21:33
Back to Top